Tuesday, July 04, 2017

Sudo on Solaris 10 and Solaris 11 allow to specify a privilege set a command will run with. This is very powerful if you want to be more specific in granting only required privileges for a given command, instead of allowing a command to run as root. Although Solaris has additional/different means to achieve the same, which in some cases is better than sudo, but the latter is what most users are familiar with.

This means that user milek can now run: sudo fmadm faulty
and the command will now work, but it won't run as root - it will execute as user milek with privileges set to basic,sys_admin, which is more secure than allowing the command to run as root.

Friday, April 21, 2017

Although The Register and others were suggesting Solaris 11 might be affected, it seems not to be the case - according to Oracle Solaris 11 has never been affected be either of them.The Register clarified it as well.

Also if you have a support contract you should have been told this much quicker.

ps. if you have CDE installed on Solaris 10 then there is an IDR available for extremeparr local exploit (again, Solaris 11 is not affected)

Friday, January 20, 2017

Solaris 11 adopts Continuous Delivery model, which means instead of Solaris 12 there will be Solaris 11.4, 11.5, etc. This is generally a good thing - quicker adoption of new features as most software certified for Solaris 11 should stay certified for the new dot releases, etc. This is also similar to what Microsoft did with Windows.